[Mageia-dev] Decoding iptables message
Pascal Terjan
pterjan at gmail.com
Wed Jul 4 16:42:41 CEST 2012
On Wed, Jul 4, 2012 at 4:07 AM, Anne Wilson <annew at kde.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Could someone please tell me what to look for, and where, to solve
> this puzzle?
Where do this message come from? I have never seen any such messages
for iptables drops.
> - --------------------- iptables firewall Begin ------------------------
>
>
> Listed by source hosts:
> Dropped 9 packets on interface eth0
> From 192.168.0.40 - 9 packets to tcp(38575)
>
> ---------------------- iptables firewall End -------------------------
>
> The machine in question is my mail/file/print server, running a
> secondary firewall inside the NAT router. Port 38575 appears to be
> unassigned, and I've only seen such messages for the last couple of days.
Which machine in question? The one displaying this message or 192.168.0.40?
> I'm pretty sure that the server hasn't been _directly_ used, i.e. with
> login to actual physical box, during that time, so the likelihood
> seems to be some service other systems on the LAN are calling for
> something.
>
> Any ideas about how to go about tracing this? I can't find it in any
> of the logs on the server. I'm working on the logs on the laptops.
More information about the Mageia-dev
mailing list